Skip to main content

Shipwire Api

1 CVEs product

Monthly

CVE-2015-5498 MEDIUM PATCH This Month

The Shipwire API module 7.x-1.x before 7.x-1.03 for Drupal does not check the view permission for the shipments overview (admin/shipwire/shipments), which allows remote attackers to obtain sensitive. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Privilege Escalation Shipwire Api
NVD
CVSS 2.0
5.0
EPSS
0.3%
EPSS 0% CVSS 5.0
MEDIUM PATCH This Month

The Shipwire API module 7.x-1.x before 7.x-1.03 for Drupal does not check the view permission for the shipments overview (admin/shipwire/shipments), which allows remote attackers to obtain sensitive. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Privilege Escalation Shipwire Api
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy